CVE-2025-49823 | conda constructor up to 3.11.2 Installation Prefix command injection (GHSA-44q9-rg2q-5g99)

Inserito da Angelo Barbosa | Giu 17, 2025 | CVE

A vulnerability classified as problematic has been found in conda constructor up to 3.11.2. Affected is an unknown function of the component Installation Prefix Handler. The manipulation leads to command injection.

This vulnerability is traded as CVE-2025-49823. It is possible to launch the attack on the physical device. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-49823 | conda constructor up to 3.11.2 Installation Prefix command injection (GHSA-44q9-rg2q-5g99)

Post correlati

CVE-2024-1895 | awordpresslife Event Monster Plugin up to 1.3.4 on WordPress deserialization

CVE-2024-51919 | Fancy Product Designer Plugin up to 6.4.3 on WordPress unrestricted upload

CVE-2024-9391 | Mozilla Firefox up to 130 on Android Full-screen Mode clickjacking

CVE-2024-35305 | Artica Pandora FMS up to 776 Header Authorization sql injection